CacheShuffle: A Family of Oblivious Shuffles

Authors Sarvar Patel, Giuseppe Persiano, Kevin Yeo



PDF
Thumbnail PDF

File

LIPIcs.ICALP.2018.161.pdf
  • Filesize: 436 kB
  • 13 pages

Document Identifiers

Author Details

Sarvar Patel
  • Google LLC, Mountain View, USA
Giuseppe Persiano
  • Google LLC, Mountain View, USA and Università di Salerno, Salerno, Italy
Kevin Yeo
  • Google LLC, Mountain View, USA

Cite AsGet BibTex

Sarvar Patel, Giuseppe Persiano, and Kevin Yeo. CacheShuffle: A Family of Oblivious Shuffles. In 45th International Colloquium on Automata, Languages, and Programming (ICALP 2018). Leibniz International Proceedings in Informatics (LIPIcs), Volume 107, pp. 161:1-161:13, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2018)
https://doi.org/10.4230/LIPIcs.ICALP.2018.161

Abstract

We consider oblivious two-party protocols where a client outsources N blocks of private data to a server. The client wishes to access the data to perform operations in such a way that the access pattern does not leak information about the data and the operations. In this context, we consider oblivious shuffling with a focus on bandwidth efficient protocols for clients with small local memory. In the shuffling problem, the N outsourced blocks, B_1,...,B_N, are stored on the server according to an initial permutation pi. The client wishes to reshuffle the blocks according to permutation sigma. Oblivious shuffling is a building block in several applications that hide patterns of data access. In this paper, we introduce a generalization of the oblivious shuffling problem, the K-oblivious shuffling problem, and provide bandwidth efficient algorithms for a wide range of client storage requirements. The task of a K-oblivious shuffling algorithm is to shuffle N encrypted blocks that were previously randomly allocated on the server in such a way that an adversarial server learns nothing about either the new allocation of blocks or the block contents. The security guarantee must hold when an adversary has partial information on the initial placement of a subset of K <=N revealed blocks. The notion of oblivious shuffling is obtained for K=N. We first study the N-oblivious shuffling problem and start by presenting CacheShuffleRoot, that is tailored for clients with O(sqrt{N}) blocks of memory and uses approximately 4N blocks of bandwidth. CacheShuffleRoot is a 4x improvement over the previous best known N-oblivious shuffle for practical sizes of N. We then generalize CacheShuffleRoot to CacheShuffle that can be instantiated for any client memory size S and requires O(N log_S N) blocks of bandwidth. Next, we present K-oblivious shuffling algorithms that require 2N + f(K,S) blocks of bandwidth for all K and a wide range of S. Any extra bandwidth above the 2N lower bound depends solely on K and S. Specifically, for clients with O(K) blocks of memory, we present KCacheShuffleBasic that uses exactly 2N blocks of bandwidth. For clients with memory S <= K, we present KCacheShuffle, that requires 2N + O(K log_S K) blocks of bandwidth. Finally, motivated by applications to ORAMs, we consider the case where the server stores D dummy blocks whose contents are irrelevant in addition to the N real blocks. For this case, we design algorithm KCacheShuffleDummy that shuffles N+D blocks with K revealed blocks using O(K) blocks of client storage and approximately D+2N blocks of bandwidth.

Subject Classification

ACM Subject Classification
  • Security and privacy → Management and querying of encrypted data
  • Security and privacy → Privacy-preserving protocols
  • Information systems → Data encryption
Keywords
  • Shuffling
  • Data-Oblivious Algorithms

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads

References

  1. M. Ajtai, J. Komlós, and E. Szemerédi. An O(nlog n) sorting network. In Proceedings of the Fifteenth Annual ACM Symposium on Theory of Computing, STOC '83, pages 1-9. ACM, 1983. Google Scholar
  2. K. E. Batcher. Sorting networks and their applications. In Proceedings of the April 30-May 2, 1968, Spring Joint Computer Conference, AFIPS '68 (Spring), pages 307-314. ACM, 1968. Google Scholar
  3. Andrea Bittau, Úlfar Erlingsson, Petros Maniatis, Ilya Mironov, Ananth Raghunathan, David Lie, Mitch Rudominer, Ushasree Kode, Julien Tinnés, and Bernhard Seefeld. Prochlo: Strong privacy for analytics in the crowd. In SOSP, pages 441-459. ACM, 2017. Google Scholar
  4. O. Goldreich. Towards a theory of software protection and simulation by oblivious RAMs. In Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing, STOC '87, pages 182-194, New York, NY, USA, 1987. ACM. Google Scholar
  5. Oded Goldreich and Rafail Ostrovsky. Software protection and simulation on oblivious rams. J. ACM, 43(3):431-473, 1996. Google Scholar
  6. Michael T. Goodrich. Randomized Shellsort: A simple data-oblivious sorting algorithm. J. ACM, 58(6):27:1-27:26, 2011. URL: http://dx.doi.org/10.1145/2049697.2049701.
  7. Michael T. Goodrich. Zig-Zag sort: A simple deterministic data-oblivious sorting algorithm running in O(nlog n) time. In Proceedings of the Forty-sixth Annual ACM Symposium on Theory of Computing, STOC '14, pages 684-693, New York, NY, USA, 2014. ACM. URL: http://dx.doi.org/10.1145/2591796.2591830.
  8. Chang Liu, Liehuang Zhu, Mingzhong Wang, and Yu-An Tan. Search pattern leakage in searchable encryption: Attacks and new construction. Inf. Sci., 265:176-188, 2014. Google Scholar
  9. Muhammad Naveed, Seny Kamara, and Charles V. Wright. Inference attacks on property-preserving encrypted databases. In CCS '15, pages 644-655. ACM, 2015. Google Scholar
  10. Olga Ohrimenko, Michael T. Goodrich, Roberto Tamassia, and Eli Upfal. The Melbourne shuffle: Improving oblivious storage in the cloud. In Automata, Languages, and Programming: 41st International Colloquium, ICALP 2014, Copenhagen, Denmark, July 8-11, 2014, Proceedings, Part II, pages 556-567, 2014. Google Scholar
  11. Sarvar Patel, Giuseppe Persiano, and Kevin Yeo. CacheShuffle: A family of oblivious shuffles. CoRR, abs/1705.07069, 2017. URL: http://arxiv.org/abs/1705.07069.
  12. Emil Stefanov, Elaine Shi, and Dawn Song. Towards practical oblivious ram. arXiv preprint arXiv:1106.3652, 2011. Google Scholar
  13. Abraham Waksman. A permutation network. J. ACM, 15(1):159-163, 1968. URL: http://dx.doi.org/10.1145/321439.321449.
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail